blackbasta | 2327018dab0e3beaed2123bcb5392405ab1e502dfa72a5a32c2c164346bb9bc6

General

Target

2327018dab0e3beaed2123bcb5392405ab1e502dfa72a5a32c2c164346bb9bc6
Size

470KB
Sample

221203-gna73adh6w
MD5

1a873fc3f0faa8cc2838bef59067d7d7
SHA1

5b3d6b3be96c95b9d95d5d97f60943888f332d46
SHA256

2327018dab0e3beaed2123bcb5392405ab1e502dfa72a5a32c2c164346bb9bc6
SHA512

35d2a4c17c23681fc5855dee2864041deb5ae17fffc9b71d25ad3a2484e92f272b5a779fe22dc0cf893972298c284ca3f19053cbcf2e99efbbc597b6cc769c68
SSDEEP

6144:99TB6rsikfe/YEJCksf9ljAdxil5UmMDS0sqw7qp1t/RUJ1XqQQVkgbDI+6MZ5Ot:Nhfeh7kjuslymV7qPVgllAkgbD6Xz

Score

10^/10

blackbasta ransomware

Malware Config

Extracted

Path

C:\MSOCache\readme.txt

Ransom Note

Your data are stolen and encrypted The data will be published on TOR website if you do not pay the ransom You can contact us and decrypt one file for free on this TOR site (you should download and install TOR browser first https://torproject.org) https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion/ Your company id for log in: eeded09d-2ac0-4e69-bf25-875cd524e744

URLs

https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion/

Targets

- Target
  
  2327018dab0e3beaed2123bcb5392405ab1e502dfa72a5a32c2c164346bb9bc6
- Size
  
  470KB
- MD5
  
  1a873fc3f0faa8cc2838bef59067d7d7
- SHA1
  
  5b3d6b3be96c95b9d95d5d97f60943888f332d46
- SHA256
  
  2327018dab0e3beaed2123bcb5392405ab1e502dfa72a5a32c2c164346bb9bc6
- SHA512
  
  35d2a4c17c23681fc5855dee2864041deb5ae17fffc9b71d25ad3a2484e92f272b5a779fe22dc0cf893972298c284ca3f19053cbcf2e99efbbc597b6cc769c68
- SSDEEP
  
  6144:99TB6rsikfe/YEJCksf9ljAdxil5UmMDS0sqw7qp1t/RUJ1XqQQVkgbDI+6MZ5Ot:Nhfeh7kjuslymV7qPVgllAkgbD6Xz
Score

10^/10

blackbasta ransomware
- Black Basta
  A ransomware family targeting Windows and Linux ESXi first seen in February 2022.
  ransomware blackbasta
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2